Hello!
INC2534320 ([PATCH v1] hw/pvrdma: Protect against buggy or malicious guest
driver) has been closed.
Opened for: yuval.shaia...@gmail.com
Followers: qemu-devel@nongnu.org, soulchen8...@gmail.com, Mauro Matteo
Cascella, qemu-secur...@nongnu.org, yuval.shaia...@gmail.com,
marcel.apfelb...@
org
[mailto:qemu-devel@nongnu.org] from time to time.
Marcel, any feedback?
Yuval
On Mon, 13 Mar 2023 at 18:56, Red Hat Product Security mailto:secal...@redhat.com]>
wrote:
> Hello!
>
> INC2534320 ([PATCH v1] hw/pvrdma: Protect against buggy or malicious guest
> driver) has been u
Hello!
INC2534320 ([PATCH v1] hw/pvrdma: Protect against buggy or malicious guest
driver) has been updated.
Opened for: yuval.shaia...@gmail.com
Followers: qemu-devel@nongnu.org, soulchen8...@gmail.com, Mauro Matteo
Cascella, qemu-secur...@nongnu.org, yuval.shaia...@gmail.com,
marcel.apfelb...
Hello!
INC1531976 ([RFC 1/1] security-process: update process information) has been
updated.
Opened for: Prasad Pandit
Followers: stefa...@gmail.com, peter.mayd...@linaro.org,
sstabell...@kernel.org, Petr Matousek, p...@fedoraproject.org,
konrad.w...@oracle.com, michael.r...@amd.com, m...@redh
On Mon Aug 13 18:27:27 2018, ja...@google.com wrote:
> On Mon, Aug 13, 2018 at 11:21 PM Red Hat Product Security
> wrote:
> > Hi Jann,
> >
> > Thanks for reporting this. I've asked our analysis team to check this.
> > I'll update you on any progress.
&g
Hi Jann,
Thanks for reporting this. I've asked our analysis team to check this.
I'll update you on any progress.
Regards
--
Laura Pardo, Red Hat Product Security
3867 E074 DC5C FFA9 1AA7 EB7F 35A2 69F0 0073 71B6
e be assigned a CVE number ?
>
> We'll get back to you on this.
> Meanwhile, could you pls confirm you are okay with posting the patch
> on the public mailing list?
>
Michael,
have you already requested CVE or can we assign it internally? I just want to
make sure we avoid
Please use 'CVE-2014-3615' for the information disclosure and potential memory
corruption issue. When you submit patches upstream include this in the commit
log. Please include me in the CC list when you send patches upstream.
Thank you.
--
Prasad J Pandit / Red Hat Product Security
ntrolled by an end application in the
guest? If so, that could be used to write/set arbitrary memory bytes on the
host, without crashing the Qemu, as the crash requires it to hit an unmapped
memory area.
Could an unprivileged user/process on the guest trigger this crash in Qemu?
---
Prasad J Pandit / Red Hat Product Security